<?php
/*
	+-----------------------------------
	+	@用户身份验证文件
	+-----------------------------------
	+	@leimon2012@gmail.com
	+-----------------------------------
*/

class Auth{
	
	
	//验证用户身份
	public function checkUserAuth($username,$password)
	{
		require("configs/database.inc.php");		//引入数据库配置
		//if($D->rows("SELECT * FROM `admin` WHERE username = '".$username."' AND PASSWORD = md5( '".$password."' )")){
		if($D->get_where("admin",array('username' => $username,'password' => $password))){
			$_SESSION['username'] = $username;
			$_SESSION['sid'] = session_id();
			return true;
		}else{
			return false;
		}
	}
	
	//检查用户身份
	public function isValidUser()
	{
		if(empty($_SESSION['username']) && !isset($_SESSION['sid'])){
			//存在bug 加强安全
			return false;
		}else{
			return true;	
		}
	}
	
	
}
?>